๐บ๐ธ
TPI-Abuse
2026-06-27 16:22:11
(6 days ago)
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 12:22:06.051115 2026] [security2:error] [pid 20207:tid 20207] [client 60.27.226.223:12577] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||k4uu.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "k4uu.com"] [uri "/"] [unique_id "aj_4rq-9sfU0CmUEtRRk2wAAAB4"], referer: http://k4uu.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 12:23:16
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 08:23:08.941437 2026] [security2:error] [pid 28494:tid 28494] [client 60.27.226.223:12936] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.artocratic.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.artocratic.com"] [uri "/"] [unique_id "aj5vLJ0qQmc07F_mLsO09gAAABU"], referer: http://www.artocratic.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ด
adalbertoreyes.org
2026-06-25 17:46:52
(1 week ago)
CategoryPortScan
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-24 21:26:45
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 17:26:39.518631 2026] [security2:error] [pid 31165:tid 31165] [client 60.27.226.223:14113] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.sangalgano.info|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.sangalgano.info"] [uri "/"] [unique_id "ajxLj3lqLoOpOjKZLarCggAAAAI"], referer: http://www.sangalgano.info/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 01:45:07
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 21:45:02.468504 2026] [security2:error] [pid 13490:tid 13504] [client 60.27.226.223:12352] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||andrewbelschner.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "andrewbelschner.com"] [uri "/"] [unique_id "ajs2nl50mncK5ZxvDzn6-wAAAMw"], referer: http://andrewbelschner.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 23:48:44
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 19:48:39.884213 2026] [security2:error] [pid 8610:tid 8637] [client 60.27.226.223:13159] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||stanfordprofs.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "stanfordprofs.com"] [uri "/"] [unique_id "ajsbV7HR6OwcJAdOUpGmGgAAAFY"], referer: http://stanfordprofs.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 21:40:10
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 17:40:01.418061 2026] [security2:error] [pid 9468:tid 9468] [client 60.27.226.223:12936] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||jazziientertainment.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "jazziientertainment.com"] [uri "/"] [unique_id "ajmrsfcoDEE10X-qxxlCgQAAAEI"], referer: http://jazziientertainment.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 04:12:44
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs ...
show more
(mod_security) mod_security (id:210831) triggered by 60.27.226.223 (no-data): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 00:12:37.088013 2026] [security2:error] [pid 22110:tid 22110] [client 60.27.226.223:12321] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.sawtoothstudios.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.sawtoothstudios.com"] [uri "/"] [unique_id "aji2NVlzGjaUOZaEe-vUdAAAAAQ"], referer: http://www.sawtoothstudios.com/
show less
Brute-Force
Bad Web Bot
Web App Attack